IT Monitor Server G8 User manual (Version 2.0.0)  
 

5 Internet remote access

If you have hosts in your local network that have IT Monitor server installed and running, you cannot access its services from outside the network directly. To use the services remotely, e.g. from the Internet, you need a network proxy on which IT Monitor server is also installed. No additional license is required for this IT Monitor server. No further configuration of the “monitorsrv” program is required. “monitorsrv” on the proxy simply forwards requests for “monitorsrv”, and only requests for “monitorsrv”, to any hosts within the local network that are running “monitorsrv”. When adding a server to the “Server List” (see Fig. 4.8), you merely need to specify the address of the host in the local network, and also the proxy address (else this field remains empty). User name and password refer to the host in the local network.

Accessing
the HELIOS IT Monitor server from the Internet

Fig. 5.1: Accessing the HELIOS IT Monitor server from the Internet

5.1 Proxy functionality

Instructions on the configuration of the HELIOS IT Monitor app proxy server settings are given in 4.1.1 “Add server”.

“monitorsrv” can be installed without any licenses on a proxy server which has one internet connection as well as one intranet connection. The proxy allows remote IT Monitor iPhone app users to connect to the observed intranet server (e.g. Server1 172.16.1.1) to access the IT Monitor server statistics. The communication between the iPhone and the IT Monitor server is usually done via the TCP port 2029 (see TcpPort). If a proxy server is used, the connection gets into the proxy on port 2029 (see ProxyPort), the proxy connects the incoming iPhone to the intranet server on port 2029. The connection is done via a private protocol therefore the incoming proxy functionality cannot connect to non IT Monitor servers.

The second need for the proxy is that the intranet IT Monitor server can send push notifications which are sent to a HELIOS push notification server on the Internet. This HELIOS push server communicates with the Apple push services, which will notify the corresponding iPhone users.

Note:

The installation of an IT Monitor server on a proxy server does not require any HELIOS licenses. In this case the IT Monitor server will only behave like a proxy computer.

5.2 Non-proxy environments

The IT Monitor server needs to have working internet DNS name services and must be allowed to do TCP internet connections to port 2061, to communicate with the HELIOS push notification server for sending push alarms.

The IT Monitor iPhone app must be allowed to connect to the IT Monitor server on port 2029. In case IT Monitor server is in the Intranet, the port 2029 must be connected via a gateway (router/firewall/NAT) to the Intranet server on port 2029. If required, the port can be specified in the iPhone host settings by using the hostname:port syntax. When using multiple intranet IT Monitor servers, different ports can be used to connect to the different intranet server, e.g.:

iPhone “Host” Router Incoming/Forward IT Monitor Host
myrouter:2029 myrouter:2029 / Server 1:2029 Server 1:2029
myrouter:2030 myrouter:2030 / Server 2:2029 Server 2:2029
myrouter:2031 myrouter:2031 / Server 3:2029 Server 3:2029

In case IT Monitor server is available directly on the Internet, with a valid DNS configuration without any outgoing/​incoming communication limitations, there is no configuration change required.

5.3 Security considerations

In some environments it is advisable that the proxy connects to the HELIOS Monitor servers over the IP address exclusively rather than over the host name. This adds security because host names can be guessed much easier than IP addresses by unauthorized persons.


HELIOS Website © 2020 HELIOS Software GmbH  
HELIOS Manuals September 10, 2020